TACLANE
®Agile Performance Enhancing Proxy (PEP)
Software feature increases network availability and performance
over disadvantaged networks
Contents
Disadvantaged Networks and Challenges 2 TACLANE Agile Performance Enhancing Proxy (PEP) Solution 2
TACLANE Agile PEP Features 3
Performance Testing 5
Availability 6
Conclusion 6
Disadvantaged Networks and Challenges
One of the most significant issues for a forward deployment is to ensure sufficient communication is available to facilitate proper coordination of the operation. A tactical deployment can’t always rely on an established terrestrial network infrastructure as the network could be unreliable or even non-existent. For these reasons, tactical missions are relying more on wireless networks to provide voice and data connectivity.
Fortunately non-terrestrial access is getting easier and less expensive to deploy.
To support this growing requirement, both DoD and Commercial SATCOM networks are being used to meet the increasing demand for high bandwidth SATCOM
communications. Geostationary satellite links provide easy and fast network access for these emerging mobile users.
However, these networks are often described as “disadvantaged networks” as they are negatively impacted by link properties such as limited capacity, delay, and bit error rate. A link based on a geostationary satellite induces a long propagation delay due to the satellite altitude. Furthermore, these networks can show high bit error rate/
high packet loss due to interference, weather and fading. These limitations particularly impact data that is transported on the widely used Transmission Control Protocol (TCP).
When used in disadvantaged networks, the TCP protocol introduces three known problems:
• Underutilized Link: When TCP transmits a certain amount of data, the sender has to wait for an acknowledgment before continuing. For links with a
significant bandwidth-delay (in terms of the link’s capacity and the round-trip delay time), the sender will slowly ramp up the transmit data but overall will vastly under-utilize the link.
• Reduced Transmission Rate: TCP interprets any lost segment as congestion and reacts accordingly. For TCP algorithms not specifically designed for degraded networks, link errors cause the sender to incorrectly reduce the transmit data rate.
• TCP Fairness: Connections with long Round Trip Times (RTT) that compete with terrestrial TCP connections are not able to achieve a fair share of the available shared bandwidth.
TACLANE Agile Performance Enhancing Proxy (PEP) Solution
To increase network availability and accelerate performance in disadvantaged networks, General Dynamics developed the TACLANE Agile Performance Enhancing Proxy (PEP) software feature. This integrated approach can eliminate the need for external PEP devices. The TACLANE Agile PEP function isolates the TCP problem from the rest of the network and accelerates performance over disadvantaged networks.
The TACLANE Agile PEP function works by hosting a specialized version of TCP, designed for disadvantaged networks, as the preferred transport protocol for TCP communications on the WAN side. Using this specialized TCP as a proxy results in better performance than an end-to-end standard TCP. The TACLANE Agile PEP does utilize a version of TCP on the LAN side that is optimized for high speed networks.
TACLANE Agile PEP Features
• WAN Side Acceleration: A specialized version of TCP is utilized for the WAN-side link. The TACLANE Agile PEP implementation improves performance of disadvan- taged networks by:
- Aggressively increasing the window size in order to push more data through the satellite link faster.
- Enabling selective acknowledgements (SACK) for TCP. SACK allows the sender to send only the loss data vs. resetting back to the point of the loss and then retransmitting all the data since the initial loss.
- Enhancing bandwidth fairness for a network with multiple flows.
• LAN Side Acceleration: An optimized congestion control algorithm tuned for high speed networks is utilized on the LAN side.
• Agile Protocol Support: TACLANE Agile PEP uniquely provides simultaneous sup- port for concurrent TACLANE Agile PEP, Standard TCP connections and all HAIPE traffic types on a per packet basis as well as the following protocol features:
- IPv4 and IPv6 Packets - VLAN tagged TCP packets
- Up to 10 Mbps aggregate traffic rate
- Up to four destination subnets that enable the TACLANE Agile PEP feature - Up to 50 concurrent TCP connections (any additional TCP connections will be
supported but will not use the TACLANE Agile PEP)
• Packet Statistics: The TACLANE Agile PEP feature will provide local HMI and GEM™
One users with packet counts for PEP LAN Rx/Tx/Dropped and PEP WAN Rx/Tx/
Dropped as well as TCP Connections Count and TCP Active Connections Count.
These counts will inform the user that the TACLANE Agile PEP feature is process- ing packets properly.
Figure 1: TACLANE Agile PEP Solution using TCP for Disadvantaged Networks Standard TCP
LAN
Field Laptop
Standard TCP
Server Specialized TCP
TACLANE
w/Agile PEP TACLANE
w/Agile PEP WAN LAN
Benefits to Users in Disadvantaged Networks
• Increases network availability and accelerates perfor- mance in disadvan- taged networks
• Agile Protocol Support for TACLANE Agile PEP; Standard TCP and all HAIPE traffic
• Packet Statistics via HMI and GEM One
• Symmetric and Asymmetric Operation
• Integrated Approach Saves Equipment Costs and SWAP in Con- strained Environments
Figure 2: TACLANE Agile PEP Packet Statistics as shown on the TACLANE HMI
• Asymmetric operation: The TACLANE Agile PEP is able to operate asymmetrically (without a paired TACLANE Agile PEP) with any standards compliant TCP protocol over the LAN or WAN. If traffic is heavier in one direction, such as from a server to a client, then the TACLANE Agile PEP that fronts the server will provide the most im- provement on the TCP traffic from the server to the host. However, TACLANE Agile PEP will operate optimally when used in a symmetric configuration (on each side of the satellite link)
Field Laptop
HAIPE INE
without PEP Data Center
Satellite Modem Satellite Modem
TACLANE w/Agile PEP
TACLANE Agile PEP Asymmetric Configuration
Figure 3: TACLANE Agile PEP Single Side (Asymmetric) Configuration Example
Performance Testing
The TACLANE Agile PEP feature provides performance increases over the standard TCP algorithms installed with current operating systems by providing a specialized tuned algorithm for TCP connections destined for the CT network. General Dynamics testing of the TACLANE Agile PEP feature is compared against the modern TCP algorithms provided with Windows® and Linux® operating systems as these are the expected default TCP algorithms in use today. TACLANE Agile PEP will provide an even more significant performance increase against older legacy TCP algorithms as the current operating system algorithms were created to handle some delay and errors (with the rise of the cell phone industry).
Windows® 7 uses a TCP algorithm named New Reno but the TCP algorithm Compound TCP is also available to install. A wide variety of TCP algorithms are available for Linux but the current default algorithm for Linux is Cubic (since 2.6.19). General Dynamics testing measures TACLANE Agile PEP improvements based on New Reno and Cubic.
Table. 1 – Measured Throughput For a Disadvantaged Link Parameters: RTT set to 1000ms, link rate set to 1Mbps, 1 TCP connection
Initial throughput testing data indicates that the TACLANE Agile PEP outperforms the Windows TCP (New Reno) and Linux TCP (Cubic) when network losses occur and there is a significant Round Trip Time (RTT). Even when minimal errors are introduced, the TACLANE Agile PEP substantially outperforms Windows. When compared to Linux, the increased performance appears when the packet loss exceeds 0.10%. Improvements continue to increase as the packet loss increases. This shows that the TACLANE Agile PEP will provide a substantial network availability improvement for networks that experience extended periods of network errors (due to weather, fading, etc.).
Availability
The TACLANE Agile PEP feature will be introduced on the new small form factor TACLANE-Nano Encryptor (KG-175N), which is designed for tactical edge deployments where disadvantaged networks are often utilized. This integrated approach eliminates the need for external PEP devices, which leads to cost savings and reduced size, weight, and power for space constrained environments. The TACLANE-Nano is expected to be submitted to NSA for certification 4Q2018.
Conclusion
The TACLANE Agile PEP software feature provides significant performance improve- ments for secure communications over disadvantaged networks while not interfering with other protocols being used. The unique ability to simultaneously support TACLANE Agile PEP, standard TCP connections and all HAIPE traffic types on a per packet basis provides optimal secure communications performance. Other performance improvements include increased efficiency of link usage, accelerated data transmission rate and enhanced TCP fairness for shared bandwidth. Current test data proves that TACLANE Agile PEP provides a significant increase over legacy and modern TCP algorithms as the packet errors increase.
TACLANE Agile PEP Shows Consistent Throughput Even with High Packet Loss
% of Packet Loss Due to Net-
work Error 0% 0.10% 0.20% 0.50% 1% 2% 5% 10%
No PEP - Windows to Windows
(Kbps) 880 592 417 242 160 128 96 64
No PEP - Linux to Linux (Kbps) 888 888 716 634 536 296 184 64
TACLANE Agile PEP- Symmetric
Configuration (Kbps) 888 888 888 882 880 880 776 616
TACLANE(R)-Nano (KG-175N)
Secure Mobile Voice, Video Data for Tactical Operations
- 50 Mb/s Throughput (100 Mb/s Aggregate) - Designed to protect
information classified TS/SCI and Below - MIL-STD Ruggedized - Multiple Power Sources
(POE, USB)
- Remote Zeroization Control Interface for Unattended Applica- tions
- Supports Agile VLAN for Enhanced
Networking - Key, Algorithm,
Protocol Agile
- Safe Keying Features - KMI OTNK and ACC
Complaint
- GEM™ One Remote Management - Expected to be
Submitted to NSA 4Q 2018
For more information on the TACLANE-Nano Encryptor (KG-175N) please visit: www.
gdmissionsystems.com/
taclanenano